What is the severity of CVE-2023-25004?

CVE-2023-25004 has been classified with a severity level that could allow for code execution through integer overflow vulnerabilities.

How do I fix CVE-2023-25004?

To fix CVE-2023-25004, update the affected Autodesk products to the latest version provided by Autodesk.

Which Autodesk products are affected by CVE-2023-25004?

CVE-2023-25004 affects several Autodesk products including Autodesk Alias, AutoCAD, AutoCAD Advance Steel, and others from specific versions.

What types of vulnerabilities does CVE-2023-25004 involve?

CVE-2023-25004 involves integer overflow vulnerabilities triggered by a maliciously crafted pskernel.dll file.

Can CVE-2023-25004 lead to serious consequences?

Yes, exploitation of CVE-2023-25004 can lead to severe consequences, including the potential for remote code execution.

Vulnerability/
CVE-2023-25004

high

7.8

CWE

190

27/6/2023

5/12/2024

CVE-2023-25004: Integer Overflow

First published: Tue Jun 27 2023(Updated: )

A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution.

Credit: psirt@autodesk.com

Affected Software	Affected Version	How to fix
Autodesk Alias	>=2023<2023.1.1
AutoCAD	>=2020<2020.1.6
AutoCAD	>=2021<2021.1.3
AutoCAD	>=2022<2022.1.3
AutoCAD	>=2023<2023.1.1
Autodesk AutoCAD Advance Steel	>=2020<2020.1.6
Autodesk AutoCAD Advance Steel	>=2021<2021.1.3
Autodesk AutoCAD Advance Steel	>=2022<2022.1.3
Autodesk AutoCAD Advance Steel	>=2023<2023.1.1
AutoCAD	>=2020<2020.1.6
AutoCAD	>=2021<2021.1.3
AutoCAD	>=2022<2022.1.3
AutoCAD	>=2023<2023.1.1
Autodesk Civil 3D	>=2020<2020.1.6
Autodesk Civil 3D	>=2021<2021.1.3
Autodesk Civil 3D	>=2022<2022.1.3
Autodesk Civil 3D	>=2023<2023.1.1
AutoCAD	>=2020<2020.1.6
AutoCAD	>=2021<2021.1.3
AutoCAD	>=2022<2022.1.3
AutoCAD	>=2023<2023.1.1
AutoCAD LT	>=2020<2020.1.6
AutoCAD LT	>=2021<2021.1.3
AutoCAD LT	>=2022<2022.1.3
AutoCAD LT	>=2023<2023.1.1
AutoCAD	>=2020<2020.1.6
AutoCAD	>=2021<2021.1.3
AutoCAD	>=2022<2022.1.3
AutoCAD	>=2023<2023.1.1
AutoCAD	>=2020<2020.1.6
AutoCAD	>=2021<2021.1.3
AutoCAD	>=2022<2022.1.3
AutoCAD	>=2023<2023.1.1
AutoCAD	>=2020<2020.1.6
AutoCAD	>=2021<2021.1.3
AutoCAD	>=2022<2022.1.3
AutoCAD	>=2023<2023.1.1
AutoCAD	>=2020<2020.1.6
AutoCAD	>=2021<2021.1.3
AutoCAD	>=2022<2022.1.3
AutoCAD	>=2023<2023.1.1
Autodesk InfraWorks	>=2021<2021.2
Autodesk InfraWorks	>=2022<2022.1
Autodesk InfraWorks	>=2023<2023.1
Autodesk Inventor	>=2021<2021.5
Autodesk Inventor	>=2022<2022.4
Autodesk Inventor	>=2023<2023.3.1
Autodesk Maya	>=2022<2022.5
Autodesk Maya	>=2023<2023.3
Autodesk Navisworks	>=2022<2022.4
Autodesk Navisworks	>=2023<2023.2
Autodesk Revit Architecture	>=2021<2021.1.8
Autodesk VRED	>=2023<2023.4

Never miss a vulnerability like this again

Reference Links

https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009

Frequently Asked Questions

What is the severity of CVE-2023-25004?
CVE-2023-25004 has been classified with a severity level that could allow for code execution through integer overflow vulnerabilities.
How do I fix CVE-2023-25004?
To fix CVE-2023-25004, update the affected Autodesk products to the latest version provided by Autodesk.
Which Autodesk products are affected by CVE-2023-25004?
CVE-2023-25004 affects several Autodesk products including Autodesk Alias, AutoCAD, AutoCAD Advance Steel, and others from specific versions.
What types of vulnerabilities does CVE-2023-25004 involve?
CVE-2023-25004 involves integer overflow vulnerabilities triggered by a maliciously crafted pskernel.dll file.
Can CVE-2023-25004 lead to serious consequences?
Yes, exploitation of CVE-2023-25004 can lead to severe consequences, including the potential for remote code execution.

agent/type
agent/author
agent/weakness
agent/references
agent/description
agent/first-publish-date
agent/severity
agent/event
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/autodesk
canonical/autodesk alias
version/autodesk alias/2023
canonical/autocad
version/autocad/2020
version/autocad/2021
version/autocad/2022
version/autocad/2023
canonical/autodesk autocad advance steel
version/autodesk autocad advance steel/2020
version/autodesk autocad advance steel/2021
version/autodesk autocad advance steel/2022
version/autodesk autocad advance steel/2023
canonical/autodesk civil 3d
version/autodesk civil 3d/2020
version/autodesk civil 3d/2021
version/autodesk civil 3d/2022
version/autodesk civil 3d/2023
canonical/autocad lt
version/autocad lt/2020
version/autocad lt/2021
version/autocad lt/2022
version/autocad lt/2023
canonical/autodesk infraworks
version/autodesk infraworks/2021
version/autodesk infraworks/2022
version/autodesk infraworks/2023
canonical/autodesk inventor
version/autodesk inventor/2021
version/autodesk inventor/2022
version/autodesk inventor/2023
canonical/autodesk maya
version/autodesk maya/2022
version/autodesk maya/2023
canonical/autodesk navisworks
version/autodesk navisworks/2022
version/autodesk navisworks/2023
canonical/autodesk revit architecture
version/autodesk revit architecture/2021
canonical/autodesk vred
version/autodesk vred/2023